That was fascinating. Thank you for sharing. I’m still early on my self-hosting journey, but a year or two ago I would have understood next to nothing of that. :D
Comment on Hetzner Server auction worth it?
RaineVixen@programming.dev 9 months agoIt was Hetzner and Linode. Likely police wiretapping.
njordomir@lemmy.world 9 months ago
waigl@lemmy.world 9 months ago
Wait, they managed to forge Let’s Encrypt certificates? While it explains the attack on TLS (though technically not https as originally claimed, not that it makes much of a difference), that’s even worse…
Darkassassin07@lemmy.ca 9 months ago
If you have control over the host, getting a legit valid cert is trivial.
They’re a hosting company. It wouldn’t take much for them to temporarily have a vps grab some certs for domains that already point at you.
taladar@sh.itjust.works 9 months ago
Technically you don’t even need to have control over the host, just over the data flow to the IP.